Security Policy
shieldkit provides basic guardrails for AI SDK applications. It is not a complete security product. Read limitations before relying on it for compliance or threat prevention.
Supported versions
| Version | Supported |
|---|---|
| 0.1.x | Yes |
Reporting a vulnerability
If you believe you have found a security issue in shieldkit:
- Do not open a public GitHub issue for exploitable vulnerabilities.
- Contact the repository maintainer privately with:
- A description of the issue
- Steps to reproduce
- Impact assessment
- Affected versions
- Allow reasonable time for a fix before public disclosure.
Use GitHub Security → Advisories → Report a vulnerability when available.
Scope
In scope
- Bypass of input/output guardrails when used as documented
- Session budget or audit logging flaws
- Tool guard bypass (
guardTools) - Structured output repair leaking sensitive data unexpectedly
Out of scope
- Prompt injection that defeats regex/heuristic guards (documented limitation)
- Provider API security
- Consumer misconfiguration (disabled guards, missing
sessionId, etc.)
Production recommendations
- Use
strictmode withincludePartialInRetry: falsewhen outputs may contain PII - Combine with provider-level safety features
- Route audit logs to a retained, access-controlled sink
- Treat serverless budgets as best-effort — see limitations
- Require human approval for high-risk tools